[Snort-devel] Urgent (hopefully not dumb) question: resp:(onses) on which device?
Chr. v. Stuckrad
stucki at ...933...
Sun Nov 11 08:54:01 EST 2001
I'm in a hurry to create 'responses' to kill incoming ssh-connections
to some openssh-1.* vulnerable hosts where I have no root-access to,
but snort is reading on eth1 an not-writable mirror-port of an router.
I geht no visible responses on the 'normal' interface eth0, so I fear
the responses are on the wrong device (or not generated at all?) ?
PS.: I definitely compiled 1.8.2 WITH --enable-flexresponse on my LINUX
end the rule logs correctly, but so far never 'responds'.
Christoph von Stuckrad * * | nickname | <stucki at ...933...> \
Freie Universitaet Berlin |/_* | 'stucki' | Tel(days):+49 30 838-75 459 |
Fachbereich Mathematik, EDV |\ * | if online | Tel(else):+49 30 77 39 6600 |
Arnimallee 2-6/14195 Berlin * * | on IRCnet | Fax(alle):+49 30 838-75454 /
More information about the Snort-devel